On Tue Mar 28 13:37:41 2006, Mike Hearn wrote:
Here's an idea - the problem with requiring an EA or +x to be set
is it breaks backwards compatibility (it'd break Crossover/Wine for
one ...). But what if the logic is inverted - so the absence of +x
means a file is trusted, and web browsers or email programs set +x
when they save a file to disk? The +x bit on a .desktop file in the
users home dir is then treated as a "don't trust" marker. This
doesn't break backwards compatibility and only requires that web
browsers and email programs be patched.
There are a lot more browsers and email programs than there are
.desktop interpreters, and moreover the majority of email/browsers
are designed to be cross-platform, so getting the code in there
correctly would be more annoying.
I'd still be happier with some solution that prevented a .desktop
file masquerading as a JPEG file, but anything is better than
nothing ...
I don't think that requiring +x for .desktop "activation" precludes
marking .desktop files in some special way.
Dave.
--
You see things; and you say "Why?"
But I dream things that never were; and I say "Why not?"
- George Bernard Shaw
_______________________________________________
xdg mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/xdg
